forked from cerc-io/stack-orchestrator
WIP: nitro auth
This commit is contained in:
parent
523b5779be
commit
9e87088328
100
stack_orchestrator/data/compose/docker-compose-go-nitro-auth.yml
Normal file
100
stack_orchestrator/data/compose/docker-compose-go-nitro-auth.yml
Normal file
@ -0,0 +1,100 @@
|
|||||||
|
version: '3.7'
|
||||||
|
|
||||||
|
services:
|
||||||
|
go-nitro-alice:
|
||||||
|
image: cerc/go-nitro:local
|
||||||
|
hostname: go-nitro-alice
|
||||||
|
restart: on-failure
|
||||||
|
depends_on:
|
||||||
|
# Wait for Nitro contracts to be deployed
|
||||||
|
nitro-contracts:
|
||||||
|
condition: service_completed_successfully
|
||||||
|
environment:
|
||||||
|
CERC_NITRO_CHAIN_URL: ${CERC_NITRO_CHAIN_URL:-ws://fixturenet-eth-geth-1:8546}
|
||||||
|
CERC_NITRO_PK: ${CERC_NITRO_PK_ALICE:-f36f6dd450892224ee113899195ef922a4795d41c32cafb386d9aab6e0b7b0c6}
|
||||||
|
CERC_NITRO_CHAIN_PK: ${CERC_NITRO_CHAIN_PK_ALICE:-888814df89c4358d7ddb3fa4b0213e7331239a80e1f013eaa7b2deca2a41a218}
|
||||||
|
CERC_NITRO_USE_DURABLE_STORE: ${CERC_NITRO_USE_DURABLE_STORE:-true}
|
||||||
|
CERC_NITRO_DURABLE_STORE_FOLDER: ${CERC_NITRO_DURABLE_STORE_FOLDER:-/app/data/nitro-store}
|
||||||
|
CERC_NITRO_MSG_PORT: ${CERC_NITRO_MSG_PORT_ALICE:-3006}
|
||||||
|
CERC_NITRO_WS_MSG_PORT: ${CERC_NITRO_WS_MSG_PORT_ALICE:-5006}
|
||||||
|
CERC_NITRO_RPC_PORT: ${CERC_NITRO_RPC_PORT_ALICE:-4006}
|
||||||
|
CERC_NITRO_BOOT_PEERS: "/dns4/go-nitro-bob/tcp/3007/p2p/16Uiu2HAm7JBTpfJWoUh14ZC5MaCM6TujKp8P8ag4ULPiw6g9Xzba"
|
||||||
|
CERC_NA_ADDRESS: ${CERC_NA_ADDRESS}
|
||||||
|
CERC_VPA_ADDRESS: ${CERC_VPA_ADDRESS}
|
||||||
|
CERC_CA_ADDRESS: ${CERC_CA_ADDRESS}
|
||||||
|
CERC_NITRO_UI_PORT: ${CERC_NITRO_UI_PORT_ALICE:-4106}
|
||||||
|
entrypoint: ["bash", "-c", "/app/run-nitro-node.sh"]
|
||||||
|
volumes:
|
||||||
|
- go_nitro_data_alice:/app/data
|
||||||
|
- nitro_deployment:/app/deployment
|
||||||
|
- ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "nc", "-vz", "localhost", "4006"]
|
||||||
|
interval: 5s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 100
|
||||||
|
start_period: 100s
|
||||||
|
ports:
|
||||||
|
- "3006:3006"
|
||||||
|
- "4006:4006"
|
||||||
|
- "5006:5006"
|
||||||
|
- "4106:4106"
|
||||||
|
|
||||||
|
go-nitro-bob:
|
||||||
|
image: cerc/go-nitro:local
|
||||||
|
hostname: go-nitro-bob
|
||||||
|
restart: on-failure
|
||||||
|
depends_on:
|
||||||
|
# Wait for Nitro contracts to be deployed
|
||||||
|
nitro-contracts:
|
||||||
|
condition: service_completed_successfully
|
||||||
|
environment:
|
||||||
|
CERC_NITRO_CHAIN_URL: ${CERC_NITRO_CHAIN_URL:-ws://fixturenet-eth-geth-1:8546}
|
||||||
|
CERC_NITRO_PK: ${CERC_NITRO_PK_BOB:-801c8f30853ed4cbfa130298def86c441c00f4a2eefc6e8fc835ae253ad91d7f}
|
||||||
|
CERC_NITRO_CHAIN_PK: ${CERC_NITRO_CHAIN_PK_BOB:-570b909da9669b2f35a0b1ac70b8358516d55ae1b5b3710e95e9a94395090597}
|
||||||
|
CERC_NITRO_USE_DURABLE_STORE: ${CERC_NITRO_USE_DURABLE_STORE:-true}
|
||||||
|
CERC_NITRO_DURABLE_STORE_FOLDER: ${CERC_NITRO_DURABLE_STORE_FOLDER:-/app/data/nitro-store}
|
||||||
|
CERC_NITRO_MSG_PORT: ${CERC_NITRO_MSG_PORT_BOB:-3007}
|
||||||
|
CERC_NITRO_WS_MSG_PORT: ${CERC_NITRO_WS_MSG_PORT_BOB:-5007}
|
||||||
|
CERC_NITRO_RPC_PORT: ${CERC_NITRO_RPC_PORT_BOB:-4007}
|
||||||
|
CERC_NITRO_BOOT_PEERS: "/dns4/go-nitro-alice/tcp/3006/p2p/16Uiu2HAmNUiX7bpCpbo5JdqEebp85ptGU2Vk2AT9E3BykvbwQ3F9"
|
||||||
|
CERC_NA_ADDRESS: ${CERC_NA_ADDRESS}
|
||||||
|
CERC_VPA_ADDRESS: ${CERC_VPA_ADDRESS}
|
||||||
|
CERC_CA_ADDRESS: ${CERC_CA_ADDRESS}
|
||||||
|
CERC_NITRO_UI_PORT: ${CERC_NITRO_UI_PORT_BOB:-4107}
|
||||||
|
entrypoint: ["bash", "-c", "/app/run-nitro-node.sh"]
|
||||||
|
volumes:
|
||||||
|
- go_nitro_data_bob:/app/data
|
||||||
|
- nitro_deployment:/app/deployment
|
||||||
|
- ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "nc", "-vz", "localhost", "4007"]
|
||||||
|
interval: 5s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 100
|
||||||
|
start_period: 100s
|
||||||
|
ports:
|
||||||
|
- "3007:3007"
|
||||||
|
- "4007:4007"
|
||||||
|
- "5007:5007"
|
||||||
|
- "4107:4107"
|
||||||
|
|
||||||
|
nitro-rpc-client:
|
||||||
|
image: cerc/nitro-rpc-client:local
|
||||||
|
hostname: nitro-rpc-client
|
||||||
|
restart: always
|
||||||
|
environment:
|
||||||
|
CERC_NITRO_RPC_FUND_AMOUNT: ${CERC_NITRO_RPC_FUND_AMOUNT:-2000000}
|
||||||
|
CERC_NITRO_RPC_HOST_ALICE: ${CERC_NITRO_RPC_HOST_ALICE:-go-nitro-alice}
|
||||||
|
CERC_NITRO_RPC_PORT_ALICE: ${CERC_NITRO_RPC_PORT_ALICE:-4006}
|
||||||
|
CERC_NITRO_USE_TLS: ${CERC_NITRO_USE_TLS:-false}
|
||||||
|
CERC_NITRO_ADDRESS_BOB: ${CERC_NITRO_ADDRESS_BOB:-0xe07e314501cc73b24cf45a6577486017300e153c}
|
||||||
|
volumes:
|
||||||
|
- nitro_deployment:/app/deployment
|
||||||
|
- ../config/nitro-rpc-client/start.sh:/app/start.sh
|
||||||
|
command: ["/app/start.sh"]
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
go_nitro_data_alice:
|
||||||
|
go_nitro_data_bob:
|
||||||
|
nitro_deployment:
|
@ -47,4 +47,24 @@ while true; do
|
|||||||
sleep $retry_interval
|
sleep $retry_interval
|
||||||
done
|
done
|
||||||
|
|
||||||
./nitro -chainurl ${CERC_NITRO_CHAIN_URL} -msgport ${CERC_NITRO_MSG_PORT} -rpcport ${CERC_NITRO_RPC_PORT} -wsmsgport ${CERC_NITRO_WS_MSG_PORT} -publicip "0.0.0.0" -pk ${CERC_NITRO_PK} -chainpk ${CERC_NITRO_CHAIN_PK} -naaddress ${NA_ADDRESS} -vpaaddress ${VPA_ADDRESS} -caaddress ${CA_ADDRESS} -usedurablestore ${CERC_NITRO_USE_DURABLE_STORE} -durablestorefolder ${CERC_NITRO_DURABLE_STORE_FOLDER} -tlscertfilepath "" -tlsKeyFilepath ""
|
if [[ -n "$CERC_NITRO_UI_PORT" ]] && [[ -d "ui" ]]; then
|
||||||
|
for f in `ls ui/assets/*.js`; do
|
||||||
|
sed -i "s/\"CERC_RUNTIME_ENV_RPC_HOST\"/\"localhost:${CERC_NITRO_RPC_PORT}\"/g" "$f"
|
||||||
|
done
|
||||||
|
http-server -p $CERC_NITRO_UI_PORT ui &
|
||||||
|
fi
|
||||||
|
|
||||||
|
./nitro \
|
||||||
|
-chainurl ${CERC_NITRO_CHAIN_URL} \
|
||||||
|
-msgport ${CERC_NITRO_MSG_PORT} \
|
||||||
|
-rpcport ${CERC_NITRO_RPC_PORT} \
|
||||||
|
-wsmsgport ${CERC_NITRO_WS_MSG_PORT} \
|
||||||
|
-publicip "0.0.0.0" \
|
||||||
|
-pk ${CERC_NITRO_PK} \
|
||||||
|
-chainpk ${CERC_NITRO_CHAIN_PK} \
|
||||||
|
-naaddress ${NA_ADDRESS} \
|
||||||
|
-vpaaddress ${VPA_ADDRESS} \
|
||||||
|
-caaddress ${CA_ADDRESS} \
|
||||||
|
-usedurablestore=${CERC_NITRO_USE_DURABLE_STORE} \
|
||||||
|
-durablestorefolder ${CERC_NITRO_DURABLE_STORE_FOLDER} \
|
||||||
|
-bootpeers "${CERC_NITRO_BOOT_PEERS}"
|
88
stack_orchestrator/data/config/nitro-rpc-client/start.sh
Executable file
88
stack_orchestrator/data/config/nitro-rpc-client/start.sh
Executable file
@ -0,0 +1,88 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
CERC_NITRO_RPC_FUND_AMOUNT=${CERC_NITRO_RPC_FUND_AMOUNT:-0}
|
||||||
|
CERC_NITRO_RPC_HOST_ALICE=${CERC_NITRO_RPC_HOST_ALICE:-go-nitro-alice}
|
||||||
|
CERC_NITRO_RPC_PORT_ALICE=${CERC_NITRO_RPC_PORT_ALICE:-4006}
|
||||||
|
CERC_NITRO_USE_TLS=${CERC_NITRO_USE_TLS:-false}
|
||||||
|
CERC_NITRO_ADDRESS_BOB=${CERC_NITRO_ADDRESS_BOB:-0xe07e314501cc73b24cf45a6577486017300e153c}
|
||||||
|
|
||||||
|
|
||||||
|
# Wait till chain endpoint is available
|
||||||
|
retry_interval=5
|
||||||
|
while true; do
|
||||||
|
nc -z -w 1 "$CERC_NITRO_RPC_HOST_ALICE" "$CERC_NITRO_RPC_PORT_ALICE"
|
||||||
|
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
echo "Nitro endpoint is available"
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Nitro endpoint not yet available, retrying in $retry_interval seconds..."
|
||||||
|
sleep $retry_interval
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
if [[ "$CERC_NITRO_RPC_FUND_AMOUNT" -gt 0 ]]; then
|
||||||
|
nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
|
||||||
|
-p $CERC_NITRO_RPC_PORT_ALICE \
|
||||||
|
-s=$CERC_NITRO_USE_TLS \
|
||||||
|
get-all-ledger-channels | \
|
||||||
|
jq "[.[] | select(.Status == \"Open\") | select(.Balance.Them == \"$CERC_NITRO_ADDRESS_BOB\")] | first" > \
|
||||||
|
/app/deployment/nitro-ledger-channel-alice-to-bob.json
|
||||||
|
if [[ ! -f "/app/deployment/nitro-ledger-channel-alice-to-bob.json" ]]; then
|
||||||
|
echo "Creating new ledger channel ..."
|
||||||
|
nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
|
||||||
|
-p $CERC_NITRO_RPC_PORT_ALICE \
|
||||||
|
-s=$CERC_NITRO_USE_TLS \
|
||||||
|
-n \
|
||||||
|
direct-fund --amount $CERC_NITRO_RPC_FUND_AMOUNT $CERC_NITRO_ADDRESS_BOB
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
|
||||||
|
-p $CERC_NITRO_RPC_PORT_ALICE \
|
||||||
|
-s=$CERC_NITRO_USE_TLS \
|
||||||
|
get-all-ledger-channels | \
|
||||||
|
jq "[.[] | select(.Status == \"Open\") | select(.Balance.Them == \"$CERC_NITRO_ADDRESS_BOB\")] | first" > \
|
||||||
|
/app/deployment/nitro-ledger-channel-alice-to-bob.json
|
||||||
|
|
||||||
|
ledger_channel=$(jq -r '.ID' /app/deployment/nitro-ledger-channel-alice-to-bob.json)
|
||||||
|
|
||||||
|
if [[ ! -f "/app/deployment/nitro-payment-channels-alice-to-bob.json" ]]; then
|
||||||
|
echo "Creating new payment channel ..."
|
||||||
|
nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
|
||||||
|
-p $CERC_NITRO_RPC_PORT_ALICE \
|
||||||
|
-s=$CERC_NITRO_USE_TLS \
|
||||||
|
-n \
|
||||||
|
virtual-fund --amount $((CERC_NITRO_RPC_FUND_AMOUNT/2)) $CERC_NITRO_ADDRESS_BOB
|
||||||
|
fi
|
||||||
|
|
||||||
|
nitro-rpc-client -h $CERC_NITRO_RPC_HOST_ALICE \
|
||||||
|
-p $CERC_NITRO_RPC_PORT_ALICE \
|
||||||
|
-s=$CERC_NITRO_USE_TLS \
|
||||||
|
get-payment-channels-by-ledger $ledger_channel > \
|
||||||
|
/app/deployment/nitro-payment-channels-alice-to-bob.json
|
||||||
|
|
||||||
|
echo ""
|
||||||
|
echo "################################################################"
|
||||||
|
echo ""
|
||||||
|
|
||||||
|
echo "LEDGER:"
|
||||||
|
cat /app/deployment/nitro-ledger-channel-alice-to-bob.json | jq
|
||||||
|
echo ""
|
||||||
|
echo ""
|
||||||
|
|
||||||
|
echo "PAYMENT:"
|
||||||
|
cat /app/deployment/nitro-payment-channels-alice-to-bob.json | jq
|
||||||
|
echo ""
|
||||||
|
echo ""
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "$1" ]; then
|
||||||
|
exec "$@"
|
||||||
|
exit $?
|
||||||
|
fi
|
||||||
|
|
||||||
|
while [ 1 -eq 1 ]; do
|
||||||
|
sleep 100
|
||||||
|
done
|
@ -8,9 +8,19 @@ COPY . .
|
|||||||
RUN go build -v -o nitro .
|
RUN go build -v -o nitro .
|
||||||
|
|
||||||
# Reduce image size
|
# Reduce image size
|
||||||
FROM debian:bullseye-slim
|
FROM node:18-bullseye-slim as builder-ui
|
||||||
RUN apt-get update
|
RUN apt-get update
|
||||||
RUN apt-get install -y ca-certificates jq netcat
|
RUN apt-get install -y make
|
||||||
|
WORKDIR /app
|
||||||
|
COPY . .
|
||||||
|
RUN yarn
|
||||||
|
RUN VITE_RPC_HOST=CERC_RUNTIME_ENV_RPC_HOST make ui/build
|
||||||
|
|
||||||
|
FROM node:18-bullseye-slim
|
||||||
|
RUN apt-get update
|
||||||
|
RUN apt-get install -y ca-certificates jq netcat make
|
||||||
RUN rm -rf /var/lib/apt/lists/*
|
RUN rm -rf /var/lib/apt/lists/*
|
||||||
|
RUN npm install -g http-server
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
COPY --from=builder /app/nitro .
|
COPY --from=builder /app/nitro .
|
||||||
|
COPY --from=builder-ui /app/packages/nitro-gui/dist /app/ui
|
||||||
|
@ -4,9 +4,10 @@ RUN apk --update --no-cache add python3 alpine-sdk bash curl jq
|
|||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
COPY . .
|
COPY packages/nitro-rpc-client .
|
||||||
|
|
||||||
RUN echo "Installing dependencies" && \
|
RUN echo "Installing dependencies" && \
|
||||||
yarn
|
yarn
|
||||||
|
|
||||||
RUN cd packages/nitro-rpc-client
|
RUN yarn build
|
||||||
|
RUN ln -s /app/bin/nitro-rpc-client.js /bin/nitro-rpc-client
|
||||||
|
@ -0,0 +1,84 @@
|
|||||||
|
# fixturenet-payments-lite
|
||||||
|
|
||||||
|
Instructions to setup and deploy an end-to-end fixturenet-payments-lite stack, on a local machine. Some tips are included for running on a remote cloud machine.
|
||||||
|
|
||||||
|
## Setup
|
||||||
|
|
||||||
|
Clone required repositories:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
laconic-so --stack fixturenet-nitro setup-repositories --pull
|
||||||
|
```
|
||||||
|
|
||||||
|
Build the container imagesfixturenet-payments-lite:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
laconic-so --stack fixturenet-nitro build-containers
|
||||||
|
```
|
||||||
|
|
||||||
|
## Deploy
|
||||||
|
|
||||||
|
Deploy the stack:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
laconic-so --stack fixturenet-nitro deploy --cluster payments up
|
||||||
|
```
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Exposed on host ports:
|
||||||
|
# 32***: geth in statediffing mode and ipld-eth-server(s)
|
||||||
|
# 4005: in-process go-nitro node's RPC endpoint
|
||||||
|
# 3005: in-process go-nitro node's p2p TCP endpoint
|
||||||
|
# 5005: in-process go-nitro node's p2p WS endpoint
|
||||||
|
# 4006: out-of-process go-nitro node's RPC endpoint
|
||||||
|
# 3006: out-of-process go-nitro node's p2p TCP endpoint
|
||||||
|
# 5006: out-of-process go-nitro node's p2p WS endpoint
|
||||||
|
# 15432: MobyMask v3 watcher's db endpoint
|
||||||
|
# 3001: MobyMask v3 watcher endpoint
|
||||||
|
# 9090: MobyMask v3 watcher relay node endpoint
|
||||||
|
# 8080: MobyMask snap
|
||||||
|
# 3004: MobyMask v3 app
|
||||||
|
# 42070: Ponder indexer-1
|
||||||
|
# 42071: Ponder indexer-2
|
||||||
|
# 42069: Ponder watcher
|
||||||
|
```
|
||||||
|
|
||||||
|
If running in the cloud, ensure all the of the above ports are open. The geth port can be retrieved with:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker port payments-fixturenet-eth-geth-1-1 8545
|
||||||
|
```
|
||||||
|
|
||||||
|
Then for every port above, run each line in a new terminal window (or use `screen`):
|
||||||
|
|
||||||
|
```bash
|
||||||
|
ssh -L 4005:localhost:4005 user@<your-ip>
|
||||||
|
ssh -L 5005:localhost:5005 user@<your-ip>
|
||||||
|
ssh -L 8081:localhost:8081 user@<your-ip>
|
||||||
|
# ... and so on for every port
|
||||||
|
```
|
||||||
|
|
||||||
|
This will allow you to access the entirety of the app as if it were running locally.
|
||||||
|
|
||||||
|
## Demo
|
||||||
|
|
||||||
|
- Follow the [mobymask-demo](./mobymask-demo.md) to try out MobyMask end-to-end payments.
|
||||||
|
- Follow the [ponder-demo](./ponder-demo.md) to try out Ponder end-to-end payments.
|
||||||
|
|
||||||
|
## Clean up
|
||||||
|
|
||||||
|
Stop all the services running in background:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
laconic-so --stack fixturenet-nitro deploy --cluster payments down 30
|
||||||
|
```
|
||||||
|
|
||||||
|
Clear volumes created by this stack:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# List all relevant volumes
|
||||||
|
docker volume ls -q --filter "name=payments"
|
||||||
|
|
||||||
|
# Remove all the listed volumes
|
||||||
|
docker volume rm $(docker volume ls -q --filter "name=payments")
|
||||||
|
```
|
@ -0,0 +1,25 @@
|
|||||||
|
version: "1.0"
|
||||||
|
name: fixturenet-nitro-auth
|
||||||
|
description: "Stack to demonstrate payments between various services"
|
||||||
|
repos:
|
||||||
|
# fixturenet repos
|
||||||
|
- git.vdb.to/cerc-io/go-ethereum@v1.11.6-statediff-v5
|
||||||
|
- git.vdb.to/cerc-io/lighthouse
|
||||||
|
# nitro repo
|
||||||
|
- github.com/cerc-io/go-nitro@v0.1.2-ts-port-0.1.9
|
||||||
|
containers:
|
||||||
|
# fixturenet images
|
||||||
|
- cerc/go-ethereum
|
||||||
|
- cerc/lighthouse
|
||||||
|
- cerc/lighthouse-cli
|
||||||
|
- cerc/fixturenet-eth-genesis
|
||||||
|
- cerc/fixturenet-eth-geth
|
||||||
|
- cerc/fixturenet-eth-lighthouse
|
||||||
|
# nitro
|
||||||
|
- cerc/nitro-contracts
|
||||||
|
- cerc/go-nitro
|
||||||
|
- cerc/nitro-rpc-client
|
||||||
|
pods:
|
||||||
|
- fixturenet-eth
|
||||||
|
- nitro-contracts
|
||||||
|
- go-nitro-auth
|
Loading…
Reference in New Issue
Block a user